Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/563297-6056-4675-8399-03438351a369/1/0jhr7YO2RaK64TifU9llfZGedtE.mft
File:                     0jhr7YO2RaK64TifU9llfZGedtE.mft (raw, json)
Hash identifier:          +bYRUoYXa8cA/j8h/qIgT6vLe+5cwQakQOrvYEWcuSU=
Subject key identifier:   65:71:EC:B7:F5:D8:0A:C3:D1:5A:3F:2C:93:72:76:87:C5:0B:A8:EF
Authority key identifier: D2:38:6B:ED:83:B6:45:A2:BA:E1:38:9F:53:D9:65:7D:91:9E:76:D1
Certificate issuer:       /CN=d2386bed83b645a2bae1389f53d9657d919e76d1
Certificate serial:       0198D6612E2F80B3F0FD574AD80DDF4E1371
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0jhr7YO2RaK64TifU9llfZGedtE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a6/563297-6056-4675-8399-03438351a369/1/0jhr7YO2RaK64TifU9llfZGedtE.mft
Manifest number:          0A0F
Signing time:             Sat 23 Aug 2025 10:02:29 +0000
Manifest this update:     Sat 23 Aug 2025 10:02:29 +0000
Manifest next update:     Sun 24 Aug 2025 10:02:29 +0000
Files and hashes:         1: 0jhr7YO2RaK64TifU9llfZGedtE.crl (hash: nGZewMlzKWaGYL2JnCNrSSjgWwTkVDKICOfrDRXMUbY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a6/563297-6056-4675-8399-03438351a369/1/0jhr7YO2RaK64TifU9llfZGedtE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a6/563297-6056-4675-8399-03438351a369/1/0jhr7YO2RaK64TifU9llfZGedtE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0jhr7YO2RaK64TifU9llfZGedtE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 10:02:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d6:61:2e:2f:80:b3:f0:fd:57:4a:d8:0d:df:4e:13:71
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d2386bed83b645a2bae1389f53d9657d919e76d1
        Validity
            Not Before: Aug 23 10:02:29 2025 GMT
            Not After : Aug 24 10:02:29 2025 GMT
        Subject: CN=6571ecb7f5d80ac3d15a3f2c93727687c50ba8ef
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:38:40:95:d4:0e:99:53:3c:ef:56:ba:48:cb:
                    dd:e6:2e:03:14:e9:96:1a:98:75:da:13:33:8d:dc:
                    f1:68:ce:06:b6:5c:df:f8:2e:3d:29:de:46:0e:e4:
                    96:cc:85:79:ad:44:01:eb:91:5e:04:42:d5:7d:d4:
                    e2:c3:b4:be:84:b3:37:25:45:b6:23:26:d6:3b:7c:
                    ea:cf:35:0d:79:5f:c1:b0:60:4d:37:79:30:73:a8:
                    3f:89:f9:26:78:a7:7e:86:1b:33:d8:14:53:dd:68:
                    78:d7:79:e1:39:60:51:22:3d:e4:c4:50:85:73:53:
                    31:51:b3:72:3a:c0:92:f4:73:81:04:bd:7a:8a:dd:
                    20:43:83:36:4d:b7:94:9a:94:d9:fa:75:a8:e8:e3:
                    7e:ff:e6:7a:ff:02:ec:45:28:a3:56:f7:0d:57:6a:
                    37:05:1d:7e:3c:3f:50:54:5b:c1:4e:5f:66:48:12:
                    02:12:1c:be:81:ee:7e:a1:28:de:3c:1d:94:57:79:
                    be:1f:12:c2:8c:71:cd:d9:04:37:3c:c5:13:fc:6b:
                    0b:c3:56:45:7f:ee:c0:e2:54:57:61:2a:d8:61:0a:
                    f1:9c:df:42:61:68:0d:9e:84:2a:78:18:89:8b:29:
                    81:54:94:0c:77:a7:cc:a4:a6:13:b0:25:13:c0:3c:
                    76:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                65:71:EC:B7:F5:D8:0A:C3:D1:5A:3F:2C:93:72:76:87:C5:0B:A8:EF
            X509v3 Authority Key Identifier:
                keyid:D2:38:6B:ED:83:B6:45:A2:BA:E1:38:9F:53:D9:65:7D:91:9E:76:D1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0jhr7YO2RaK64TifU9llfZGedtE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/563297-6056-4675-8399-03438351a369/1/0jhr7YO2RaK64TifU9llfZGedtE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/563297-6056-4675-8399-03438351a369/1/0jhr7YO2RaK64TifU9llfZGedtE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         78:39:70:93:07:92:39:fa:bd:68:f1:48:26:de:38:45:b6:21:
         84:eb:ea:ec:a5:85:27:ac:b3:89:f4:35:a3:b6:d7:d4:ca:8a:
         c1:90:fc:07:4f:21:83:df:8d:47:d3:e2:66:f3:c5:74:13:ac:
         4a:6d:49:0d:aa:91:a2:47:3b:71:91:4d:97:4d:e9:23:fa:34:
         f8:0a:64:fd:a2:51:cc:a7:c4:91:04:45:83:27:c9:98:89:e4:
         85:05:b0:93:21:69:7d:79:bd:12:b7:18:d0:88:5a:e5:a5:dd:
         e4:ab:d2:95:4f:02:cc:e2:92:0c:77:c0:70:ff:a1:db:13:af:
         d2:9a:27:03:bc:a0:4a:a4:fd:b8:6e:e2:f9:88:8c:c7:0e:e0:
         e8:30:cf:cd:6e:cd:99:04:eb:dc:17:4a:e8:38:20:44:34:1d:
         bf:32:83:d5:65:25:eb:33:18:84:98:62:64:3e:04:44:9c:7c:
         67:c7:02:30:73:41:1b:1a:4b:78:a1:cd:8c:3b:60:b5:f2:aa:
         85:69:6b:dc:60:fb:18:b8:24:42:60:03:1c:6f:a2:4e:4d:a9:
         a5:64:f4:dc:3c:cd:4b:46:06:c8:07:e2:90:6c:ce:35:5d:49:
         4b:1d:23:1f:57:6c:fa:02:f1:ad:f8:b8:b0:b0:bc:09:ef:e1:
         e4:6e:8a:38
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWYS4vgLPw/VdK2A3fThNxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyMzg2YmVkODNiNjQ1YTJiYWUxMzg5ZjUzZDk2NTdkOTE5
ZTc2ZDEwHhcNMjUwODIzMTAwMjI5WhcNMjUwODI0MTAwMjI5WjAzMTEwLwYDVQQD
Eyg2NTcxZWNiN2Y1ZDgwYWMzZDE1YTNmMmM5MzcyNzY4N2M1MGJhOGVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjjhAldQOmVM871a6SMvd5i4DFOmW
Gph12hMzjdzxaM4Gtlzf+C49Kd5GDuSWzIV5rUQB65FeBELVfdTiw7S+hLM3JUW2
IybWO3zqzzUNeV/BsGBNN3kwc6g/ifkmeKd+hhsz2BRT3Wh413nhOWBRIj3kxFCF
c1MxUbNyOsCS9HOBBL16it0gQ4M2TbeUmpTZ+nWo6ON+/+Z6/wLsRSijVvcNV2o3
BR1+PD9QVFvBTl9mSBICEhy+ge5+oSjePB2UV3m+HxLCjHHN2QQ3PMUT/GsLw1ZF
f+7A4lRXYSrYYQrxnN9CYWgNnoQqeBiJiymBVJQMd6fMpKYTsCUTwDx28wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGVx7Lf12ArD0Vo/LJNydofFC6jvMB8GA1UdIwQY
MBaAFNI4a+2DtkWiuuE4n1PZZX2RnnbRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGpocjdZTzJSYUs2NFRpZlU5bGxmWkdlZHRFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi81NjMyOTctNjA1Ni00Njc1LTgzOTkt
MDM0MzgzNTFhMzY5LzEvMGpocjdZTzJSYUs2NFRpZlU5bGxmWkdlZHRFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi81NjMyOTctNjA1Ni00Njc1LTgzOTktMDM0MzgzNTFhMzY5
LzEvMGpocjdZTzJSYUs2NFRpZlU5bGxmWkdlZHRFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeDlwkweS
Ofq9aPFIJt44RbYhhOvq7KWFJ6yzifQ1o7bX1MqKwZD8B08hg9+NR9PiZvPFdBOs
Sm1JDaqRokc7cZFNl03pI/o0+Apk/aJRzKfEkQRFgyfJmInkhQWwkyFpfXm9ErcY
0Iha5aXd5KvSlU8CzOKSDHfAcP+h2xOv0ponA7ygSqT9uG7i+YiMxw7g6DDPzW7N
mQTr3BdK6DggRDQdvzKD1WUl6zMYhJhiZD4ERJx8Z8cCMHNBGxpLeKHNjDtgtfKq
hWlr3GD7GLgkQmADHG+iTk2ppWT03DzNS0YGyAfikGzONV1JSx0jH1ds+gLxrfi4
sLC8Ce/h5G6KOA==
-----END CERTIFICATE-----
Generated at Sat Aug 23 20:25:18 2025 by rpki-client